OpenStack部署

Posted 2023-05-01 laogai13

tags:

篇首语：本文由小常识网(cha138.com)小编为大家整理，主要介绍了OpenStack部署相关的知识，希望对你有一定的参考价值。

一、packstack单点部署
- 1、配置虚拟机NAT网络连接
- 2、yum源配置
二、国赛双节点部署
- 1、准备虚拟机
- 2、镜像挂载
- 3、本地yum配置
- 4、给计算节点（node）添加新磁盘并分区
- 5、在controller和compute节点安装iaas-xiandian包
- 6、脚本安装openstack平台
三、Openstack平台使用
- 1、创建镜像
- 2、创建虚拟机
四、Keystone服务运维
- 1、keystone运维命令
- 2、keystone查询命令
五、Nova组件详解
- 1、安全组相关操作：
- 2、云主机类型操作
- 3、云主机实例操作
- 4、浮动IP
- 5、密钥管理
- 6、配额管理
六、网络neutron

正文

一、packstack单点部署

1、配置虚拟机NAT网络连接

查看vmware的NAT网络默认配置

vmwarestation软件点击上方“编辑”，选择“虚拟网络编辑器”

找到vmnet10，是NAT模式，子网地址是172.25.2.0,子网掩码是：255.255.255.0.

再点击“NAT设置”，可看到它的网关:172.25.2.2

配置当前虚拟机的网络配置

vmwarestation软件点击上方“虚拟机”，选择“设置”；

首先没有NAT网卡的，点击“添加”，添加一个新的网络适配器。

已经创建号NAT网卡的，进行如下配置：

网络连接模式改为："自定义（U）：特定虚拟网络"

在下拉选项中，选中“VMnet10(NAT模式)”

配置linux网络

进入网络配置目录

cd /etc/sysconfig/network-scripts

编辑nat网卡的配置

vi ifcfg-ens33

修改或添加如下信息：

BOOTPROTO=static
ONBOOT=yes
IPADDR=172.25.2.101
NETMASK=255.255.255.0
GATEWAY=172.25.2.2
DNS=8.8.8.8

在vi编辑器中,输入:wq进行保存退出

vi /etc/resolv.conf
加入：
nameserver 8.8.8.8
输入:wq进行保存退出

关闭防火墙

systemctl stop firewalld.service
systemctl disable firewalld.service

重启网络

systemctl restart network

测试

ping www.baidu.com

2、yum源配置

关闭网络管理

systemctl disable NetworkManager

关闭selinux，修改文件为disabled

sed -i \'s/SELINUX=enforcing/SELINUX=disabled/g\' /etc/selinux/config

selinux修改生效

setenforce 0

##################################更新yum源#################################

将官方的yum源备份到一个新目录：

mkdir /etc/yum.repos.d/repo.bak/
mv /etc/yum.repos.d/*.repo repo.bak/

更新下载阿里源

curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo

清理yum

yum clean all
yum makecache

更新yum信息

yum update -y

查看当前存在的openstack版本安装源

yum list | grep openstack

安装安装源

yum install -y centos-release-openstack-queens

调整仓库配置文件

vi /etc/yum.repos.d/CentOS-QEMU-EV.repo

将文件中/$contentdir/改为/centos-7/

添加epel-repo源

curl -o /etc/yum.repos.d/epel-7.repo http://mirrors.aliyun.com/repo/epel-7.repo

添加openstack.queens.repo文件信息

cat > /etc/yum.repos.d/openstack-queens.repo << EOF
[queens]
name=queens
baseurl=https://mirrors.aliyun.com/centos/7/cloud/x86_64/openstack-queens/
enabled=1
gpgcheck=0
EOF

调整repo文件只保留

CentOS-Base.repo CentOS-QEMU-EV.repo epel-7.repo openstack-queens.repo

更新源

yum clean all && yum makecache

安装openstack-packstack软件包

yum install -y openstack-packstack

安装预备

yum -y install python-pip

一键部署openstack

packstack --allinone

1.出现error while loading shared libraries: leatherman_curl.so.1.3.0: cannot open shared object file: No such file or directory报错。

这种错误是因为，leatherman rpm包版本问题，现有是1.10，实际需要1.3

回退leatherman版本

yum downgrade leatherman
yum list | grep leatherman
leatherman.x86_64 1.3.0-9.el7 @queens
leatherman.x86_64 1.10.0-1.el7 epel
leatherman-devel.x86_64 1.10.0-1.el7 epel

回到顶部

二、国赛双节点部署

1、准备虚拟机

创建虚拟机前，创建好vmnet2(仅主机模式),vmnet10(NAT模式)网卡，检查对应的适配器是否创建成功。

准备两台vmware虚拟机，手动最小化安装2台Centos7.2系统，第一个网卡为仅主机模式，第二个网卡为NAT模式，配置CPU虚拟机，4G以上内存，50G以上硬盘。

master节点网卡：

TYPE=Ethernet

BOOTPROTO=static

DEFROUTE=yes

PEERDNS=yes

PEERROUTES=yes

IPV4_FAILURE_FATAL=no

IPV6INIT=yes

IPV6_AUTOCONF=yes

IPV6_DEFROUTE=yes

IPV6_PEERDNS=yes

IPV6_PEERROUTES=yes

IPV6_FAILURE_FATAL=no

NAME=eno16777736

UUID=f34abd2e-89c9-4daf-a28c-54765164d59d

DEVICE=eno16777736

ONBOOT=yes

IPADDR=192.168.16.10

NETMASK=255.255.255.0

Node节点网卡：

TYPE=Ethernet

BOOTPROTO=static

DEFROUTE=yes

PEERDNS=yes

PEERROUTES=yes

IPV4_FAILURE_FATAL=no

IPV6INIT=yes

IPV6_AUTOCONF=yes

IPV6_DEFROUTE=yes

IPV6_PEERDNS=yes

IPV6_PEERROUTES=yes

IPV6_FAILURE_FATAL=no

NAME=eno16777736

UUID=8bbcc106-d60f-48cc-aafd-2bde0154fa2e

DEVICE=eno16777736

ONBOOT=yes

IPADDR=192.168.16.20

NETMASK=255.255.255.0

2、镜像挂载

镜像上传到master节点，然后完成挂载即可。

# 挂载linux镜像 cd /root/; mount -o loop CentOS-7-x86_64-DVD-1511.iso /mnt/; mkdir /opt/centos7.2; cp -rvf /mnt/* /opt/centos7.2/ umount /mnt/; # 挂载iaas镜像 cd /root/; mount -o loop XianDian-IaaS-v2.2.iso /mnt/; mkdir /opt/iaas; cp -rvf /mnt/* /opt/iaas; umount /mnt/;

3、本地yum配置

分别配置控制节点和计算节点的yum

# 控制节点： rm -rf /etc/yum.repos.d/CentOS-*; cat > /etc/yum.repos.d/local.repo <<EOF [centos] name=centos baseurl=file:///opt/centos7.2 gpgcheck=0 enabled=1 [iaas] name=iass baseurl=file:///opt/iaas/iaas-repo gpgcheck=0 enabled=1 EOF

# 计算节点：(如果没有可以后面再配) rm -rf /etc/yum.repos.d/CentOS-*; cat > /etc/yum.repos.d/local.repo << EOF [centos] name=centos baseurl=ftp://192.168.16.10/centos7.2 gpgcheck=0 enabled=1 [iaas] name=iass baseurl=ftp://192.168.16.10/iaas/iaas-repo gpgcheck=0 enabled=1 EOF

为计算节点提供ftp访问方式

控制节点——yum缓存清理

yum clean all
yum makecache

控制节点——安装vsftpd和ftp

yum install -y vsftpd
yum install -y ftp
rpm -qa| grep vsftpd

控制节点——修改vsftpd配置文件

在/etc/vsftpd/vsftpd.conf中添加一行代码：
anon_root=/opt

控制节点——安装网络工具包

yum install net-tools

重启vsftpd服务

systemctl restart vsftpd

开机启动vsftpd

systemctl enable vsftpd

控制节点、计算节点——关闭防火墙

setenforce 0;
iptables -F;
iptables -X;
iptables -Z;
systemctl stop firewalld;
systemctl disable firewalld;

计算节点

yum clean all
yum makecache

4、给计算节点（node）添加新磁盘并分区

在vmware上给计算节点虚拟机添加一个新磁盘。

虚拟机——》设置——》添加——》硬盘——》scsi模式——》创建新虚拟磁盘——》20G，拆分为多个文件——》完成

# 重启计算节点虚拟机 reboot # 查看当前虚拟机的磁盘情况 fdisk -l # 可以看到Disk /dev/sdb: 21.5 GB是完全空闲的 # 创建两个空白磁盘空间 fdisk /dev/sdb n,p,回车,回车,+10G n,p,回车,回车,回车 w

5、在controller和compute节点安装iaas-xiandian包

# 控制节点、计算节点分别执行，安装软件包 yum install -y iaas-xiandian

控制节点、计算节点编辑修改配置文件/etc/xiandian/openrc.sh

--------------------system Config--------------------##

Controller Server Manager IP. example:x.x.x.x

HOST_IP=192.168.16.10

Controller HOST Password. example:000000

HOST_PASS=000000

Controller Server hostname. example:controller

HOST_NAME=controller

Compute Node Manager IP. example:x.x.x.x

HOST_IP_NODE=192.168.16.20

Compute HOST Password. example:000000

HOST_PASS_NODE=000000

Compute Node hostname. example:compute

HOST_NAME_NODE=compute

--------------------Chrony Config-------------------##

Controller network segment IP. example:x.x.0.0/16(x.x.x.0/24)

network_segment_IP=192.168.16.0/24

--------------------Rabbit Config ------------------##

user for rabbit. example:openstack

RABBIT_USER=openstack

Password for rabbit user .example:000000

RABBIT_PASS=000000

--------------------MySQL Config---------------------##

Password for MySQL root user . exmaple:000000

DB_PASS=000000

--------------------Keystone Config------------------##

Password for Keystore admin user. exmaple:000000

DOMAIN_NAME=demo
ADMIN_PASS=000000
DEMO_PASS=000000

Password for Mysql keystore user. exmaple:000000

KEYSTONE_DBPASS=000000

--------------------Glance Config--------------------##

Password for Mysql glance user. exmaple:000000

GLANCE_DBPASS=000000

Password for Keystore glance user. exmaple:000000

GLANCE_PASS=000000

--------------------Nova Config----------------------##

Password for Mysql nova user. exmaple:000000

NOVA_DBPASS=000000

Password for Keystore nova user. exmaple:000000

NOVA_PASS=000000

--------------------Neturon Config-------------------##

Password for Mysql neutron user. exmaple:000000

NEUTRON_DBPASS=000000

Password for Keystore neutron user. exmaple:000000

NEUTRON_PASS=000000

metadata secret for neutron. exmaple:000000

METADATA_SECRET=000000

Tunnel Network Interface. example:x.x.x.x

INTERFACE_IP=192.168.16.10/192.168.16.20

External Network Interface. example:eth1 第二张网卡

INTERFACE_NAME=eno33554960

External Network The Physical Adapter. example:provider

Physical_NAME=provider

First Vlan ID in VLAN RANGE for VLAN Network. exmaple:101

minvlan=1

Last Vlan ID in VLAN RANGE for VLAN Network. example:200

maxvlan=2000

--------------------Cinder Config--------------------##

Password for Mysql cinder user. exmaple:000000

CINDER_DBPASS=000000

Password for Keystore cinder user. exmaple:000000

CINDER_PASS=000000

Cinder Block Disk. example:md126p3

BLOCK_DISK=sdb1

--------------------Swift Config---------------------##

Password for Keystore swift user. exmaple:000000

SWIFT_PASS=000000

The NODE Object Disk for Swift. example:md126p4.

OBJECT_DISK=sdb2

The NODE IP for Swift Storage Network. example:x.x.x.x.

STORAGE_LOCAL_NET_IP=192.168.16.20

--------------------Heat Config----------------------##

Password for Mysql heat user. exmaple:000000

HEAT_DBPASS=000000

Password for Keystore heat user. exmaple:000000

HEAT_PASS=000000

--------------------Zun Config-----------------------##

Password for Mysql Zun user. exmaple:000000

ZUN_DBPASS=000000

Password for Keystore Zun user. exmaple:000000

ZUN_PASS=000000

Password for Mysql Kuryr user. exmaple:000000

KURYR_DBPASS=000000

Password for Keystore Kuryr user. exmaple:000000

KURYR_PASS=000000

--------------------Ceilometer Config----------------##

Password for Gnocchi ceilometer user. exmaple:000000

CEILOMETER_DBPASS=000000

Password for Keystore ceilometer user. exmaple:000000

CEILOMETER_PASS=000000

--------------------AODH Config----------------##

Password for Mysql AODH user. exmaple:000000

AODH_DBPASS=000000

Password for Keystore AODH user. exmaple:000000

AODH_PASS=000000

--------------------Barbican Config----------------##

Password for Mysql Barbican user. exmaple:000000

BARBICAN_DBPASS=000000

Password for Keystore Barbican user. exmaple:000000

BARBICAN_PASS=000000

6、脚本安装openstack平台

控制节点、计算节点分别执行如下脚本安装基础服务：

iaas-pre-host.sh

控制节点部署mysql数据库服务：

iaas-install-mysql.sh

控制节点部署keystone服务：

iaas-install-keystore.sh

控制节点部署glance服务：

iaas-install-glance.sh

控制节点部署nova服务：

iaas-install-nova-controller.sh

计算节点部署nova服务

iaas-install-nova-compute.sh

控制节点部署neutron

iaas-install-neutron-controller.sh

错误处理——修改脚本：

vi /usr/local/bin/iaas-install-neutron-controller-gre.sh

将最后一行的

systemctl enabled neutron-lbaas-agent 改为 systemctl enable neutron-lbaas-agent

再执行下面的脚本：

iaas-install-neutron-controller-gre.sh

计算节点部署neutron

iaas-install-neutron-compute.sh

iaas-install-neutron-compute-gre.sh

控制节点部署dashboard

iaas-install-dashboard.sh

回到顶部

三、Openstack平台使用

两节点部署，192.168.16.10为控制节点。192.168.16.20为计算节点。

1、创建镜像

控制节点上，找到qcow2镜像

[root@controller ~]# cd /opt/iaas/images/
[root@controller images]# ls
CentOS_6.5_x86_64_XD.qcow2 CentOS_7.2_x86_64_XD.qcow2 MySQL_5.6_XD.qcow2

上传镜像致Glance服务

在控制节点，通过glance命令，将qcow2镜像上传到平台

[root@controller images]# source /etc/keystone/admin-openrc.sh
[root@controller images]# glance image-create --name "centos7.2" --disk-format qcow2 --container-format bare --progress < CentOS_7.2_x86_64_XD.qcow2

2、创建虚拟机

（1）创建外部网络

选择菜单栏项目——》网络——》网络。单击创建网络，来创建虚拟机网络。

创建网络名net-gre，配置子网名称为net-subnet，网络地址为192.168.20.0/24，网关为192.168.20.2。

再配置DHCP地址池，激活DHCP，配置DNS为114.114.114.114。点击“已创建”创建网络。

选择菜单栏管理员——》系统——》网络。对已创建的net-gre网络，点击 “编辑网络”，在弹框中勾选“外部网络”。

（2）创建内部网络

选择菜单栏项目——》网络——》网络。单击创建网络，来创建虚拟机网络。

创建网络名int-gre，配置子网名称为 int-subnet，网络地址为10.10.0.0/24，网关为10.10.0.1。

配置DHCP地址池，激活DHCP。点击“已创建”创建网络。

（3）创建路由器

选择菜单栏项目——》网络——》路由。单击新建路由，来创建路由。

创建路由名称为route，外部网络选择 net-gre。点击“新建路由”创建路由。

在route路由中内部网络接口：

单击新建的路由名称，选择接口标签。点击 "增加接口"按钮。

在弹框中，选择 int-gre 内部网络，再点击提交。

（4）安全组配置

管理访问策略安全组，选择菜单栏项目——》计算——》访问&安全。单击default安全组管理规则按钮。

点击添加规则，选择"所有ICMP协议"，单击添加按钮；选择"所有TCP协议"，单击添加按钮；选择"所有UDP协议"，单击添加按钮。

（5）创建云主机

创建云主机，选择菜单栏项目——》计算——》云主机。单击右侧 "创建云主机"按钮。

云主机名称为：test，数量：1。选择centos7.2镜像；选择m1.small资源类型；选择int-gre网络。然后单击"启动实例"按钮创建实例。

选择菜单栏项目——》计算——》云主机。在主机下拉框中选择 "绑定浮动IP"菜单命令。在弹框中点击 "+"分配一个地址，单击 "分配IP"按钮。点击 "关联"按钮，关联浮动IP地址。

（6）连接云主机

打开CMD窗口，通过ping命令测试连通云主机。

使用secureCRT工具，连接云主机，用户名：root,密码：000000。

回到顶部

四、Keystone服务运维

在Openstack框架中，keystone(Openstack Identity Service)的功能是负责验证身份、校验服务规则和发布服务令牌的，它实现了Openstack的Identity API.keystone可分解为两个功能：权限管理和服务目录。

https://www.cnblogs.com/mh20131118/p/12942346.html

https://www.cnblogs.com/linuxk/p/9282996.html

1、keystone运维命令

环境配置

source /etc/keystone/admin-openrc.sh

创建 hqs用户

openstack user create --password ps1234 --email hqs@example.com --domain demo hqs

创建acme项目

openstack project create --domain demo acme

创建角色

openstack role create compute-user

绑定用户和项目权限

添加的用户需要分配一定的权限，需要把用户关联绑定到对应的项目和角色

openstack role add --user hqs --project acme compute-user

2、keystone查询命令

用户列表查询

查询hqs用户详细信息

查询当前openstack平台所有项目

查询acme项目详情

查询所有keystone角色

查询compute-user角色详细信息

查看平台所有服务所使用的端点地址

回到顶部

五、Nova组件详解

计算节点通过Nova Computer进行虚拟机创建，通过libvirt调用kvm创建虚拟机，nova之间通信通过rabbitMQ队列进行通信。

Nova位于Openstack架构的中心，其他服务或者组件（比如Glance、Cinder、Neutron等）对它提供支持，另外它本身的架构也比较复杂。

作用：

1. Nova是OpenStack最核心的服务模块，负责管理和维护云计算环境的计算资源，负责整个云环境虚拟机生命周期的管理。
1. Nova是OpenStack的计算服务，负责维护和管理的网络和存储，提供计算服务。

https://www.cnblogs.com/mh20131118/p/12939358.html

https://www.cnblogs.com/linuxk/p/9454258.html

1、安全组相关操作：

nova
secgroup-add-default-rule Add a rule to the set of rules that will be
added to the \'default\' security group for new
tenants (nova-network only).
secgroup-add-group-rule Add a source group rule to a security group.
secgroup-add-rule Add a rule to a security group.
secgroup-create Create a security group.
secgroup-delete Delete a security group.
secgroup-delete-default-rule
Delete a rule from the set of rules that will
be added to the \'default\' security group for
new tenants (nova-network only).
secgroup-delete-group-rule Delete a source group rule from a security
group.
secgroup-delete-rule Delete a rule from a security group.
secgroup-list List security groups for the current tenant.
secgroup-list-default-rules
List rules that will be added to the \'default\'
security group for new tenants.
secgroup-list-rules List rules for a security group.
secgroup-update Update a security group.

安全组查看：

安全组创建

[root@controller ~]# nova secgroup-create hqs \'Most great security group\'
+--------------------------------------+------+---------------------------+
| Id | Name | Description |
+--------------------------------------+------+---------------------------+
| 1f2e9304-2fa0-45ac-a407-9816c72a1190 | hqs | Most great security group |
+--------------------------------------+------+---------------------------+

安全组更新

[root@controller ~]# nova secgroup-update 218faa36-c250-40d5-9775-534049e5771a hqs111 \'One of the most great security group \'
+--------------------------------------+--------+---------------------------------------+
| Id | Name | Description |
+--------------------------------------+--------+---------------------------------------+
| 218faa36-c250-40d5-9775-534049e5771a | hqs111 | One of the most great security group |
+--------------------------------------+--------+---------------------------------------+

安全组删除

[root@controller ~]# nova secgroup-delete hqs111

安全组规则查看

[root@controller ~]# nova secgroup-list-rules hqs
+-------------+-----------+---------+----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+----------+--------------+
+-------------+-----------+---------+----------+--------------+
[root@controller ~]# nova secgroup-list-rules default
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| tcp | 1 | 65535 | 0.0.0.0/0 | |
| udp | 1 | 65535 | 0.0.0.0/0 | |
| icmp | -1 | -1 | 0.0.0.0/0 | |
| | | | | default |
| | | | | default |
+-------------+-----------+---------+-----------+--------------+

安全组规则添加

[root@controller ~]# nova secgroup-add-rule hqs icmp -1 -1 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| icmp | -1 | -1 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+
[root@controller ~]# nova secgroup-add-rule hqs udp 1 65535 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| udp | 1 | 65535 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+
[root@controller ~]# nova secgroup-add-rule hqs tcp 1 65535 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| tcp | 1 | 65535 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+

安全组规则删除

[root@controller ~]# nova secgroup-delete-rule hqs icmp -1 -1 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| icmp | -1 | -1 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+
[root@controller ~]# nova secgroup-list-rules hqs
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| udp | 1 | 65535 | 0.0.0.0/0 | |
| tcp | 1 | 65535 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+

2、云主机类型操作

nova
flavor-access-add Add flavor access for the given tenant.
flavor-access-list Print access information about the given
flavor.
flavor-access-remove Remove flavor access for the given tenant.
flavor-create Create a new flavor.
flavor-delete Delete a specific flavor
flavor-key Set or unset extra_spec for a flavor.
flavor-list Print a list of available \'flavors\' (sizes of
servers).
flavor-show Show details about the given flavor.

云主机类型列表查看

[root@controller ~]# nova flavor-list
+--------------------------------------+-----------+-----------+------+-----------+------+-------+-------------+-----------+
| ID | Name | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public |
+--------------------------------------+-----------+-----------+------+-----------+------+-------+-------------+-----------+
| 1 | m1.tiny | 512 | 1 | 0 | | 1 | 1.0 | True |
| 2 | m1.small | 2048 | 20 | 0 | | 1 | 1.0 | True |
| 3 | m1.medium | 4096 | 40 | 0 | | 2 | 1.0 | True |
| 4 | m1.large | 8192 | 80 | 0 | | 4 | 1.0 | True |
| 5 | m1.xlarge | 16384 | 160 | 0 | | 8 | 1.0 | True |
| 7645393e-4f46-473a-85bf-6ea69669dac2 | m1-hqs | 512 | 10 | 0 | | 1 | 1.0 | True |
+--------------------------------------+-----------+-----------+------+-----------+------+-------+-------------+-----------+

云主机类型添加

[root@controller ~]# nova flavor-create m1.hqs 6 1024 10 1
+----+--------+-----------+------+-----------+------+-------+-------------+-----------+
| ID | Name | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public |
+----+--------+-----------+------+-----------+------+-------+-------------+-----------+
| 6 | m1.hqs | 1024 | 10 | 0 | | 1 | 1.0 | True |
+----+--------+-----------+------+-----------+------+-------+-------------+-----------+

云主机类型详情查看

云主机类型删除

[root@controller ~]# nova flavor-delete m1-hqs

3、云主机实例操作

实例列表查看

nova list

实例详情查看

nova show

实例创建

nova boot --image [--volume ] --availability-zone nova --flavor --security-groups --nic <net-id=net-uuid>

1、查看镜像

glance image-list

2、查看规格

nova flavor-list

3、查看安全组

nova secgroup-list

4、查看可用的网络

neutron net-list

nova boot
--image centos7.2
--availability-zone nova
--flavor m1.hqs
--security-groups hqs
--nic net-id=64306052-bcec-4209-ac4c-45b9d2de4dde
caocao-server1

5、实例创建

实例停止

[root@controller ~]# nova stop hqs_server
Request to stop server hqs_server has been accepted.

实例启动

[root@controller ~]# nova start hqs_server
Request to start server hqs_server has been accepted.

实例重启

实例挂起

实例删除

4、浮动IP

nova
floating-ip-associate Associate a floating IP address to a server.
floating-ip-bulk-create Bulk create floating IPs
by range (nova-network only).
floating-ip-bulk-delete Bulk delete floating IPs by range (nova-
network only).
floating-ip-bulk-list List all floating IPs (nova-network only).
floating-ip-create Allocate a floating IP for the current tenant.
floating-ip-delete De-allocate a floating IP.
floating-ip-disassociate Disassociate a floating IP address from a
server.
floating-ip-list List floating IPs.
floating-ip-pool-list List all floating IP pools.

创建浮动IP

语法：nova floating-ip-create

[root@controller nova]# nova floating-ip-create net-gre
+--------------------------------------+--------------+-----------+----------+---------+
| Id | IP | Server Id | Fixed IP | Pool |
+--------------------------------------+--------------+-----------+----------+---------+
| fcb2439d-ba4f-4467-ad60-34726d57aba4 | 192.168.37.5 | - | - | net-gre |
+--------------------------------------+--------------+-----------+----------+---------+

浮动IP的列表信息

[root@controller nova]# nova floating-ip-list
+--------------------------------------+--------------+-----------+----------+---------+
| Id | IP | Server Id | Fixed IP | Pool |
+--------------------------------------+--------------+-----------+----------+---------+
| fcb2439d-ba4f-4467-ad60-34726d57aba4 | 192.168.37.5 | - | - | net-gre |
+--------------------------------------+--------------+-----------+----------+---------+

浮动IP地址池信息

[root@controller nova]# nova floating-ip-pool-list
+---------+
| name |
+---------+
| net-gre |
+---------+

查看浮动IP详细信息

浮动ip关联给实例

语法：nova floating-ip-associate [--fixed-address <fixed_address>]

参数：

Name or ID of server.（nova list）

IP Address.(nova floating-ip-list)

浮动IP解除关联实例

语法：nova floating-ip-disassociate

解除关联并删除浮动IP

5、密钥管理

nova
keypair-add Create a new key pair for use with servers.
keypair-delete Delete keypair given by its name. (Supported
by API versions \'2.0\' - \'2.latest\') [hint: use
\'--os-compute-api-version\' flag to show help
message for proper version]
keypair-list Print a list of keypairs for a user (Supported
by API versions \'2.0\' - \'2.latest\') [hint: use
\'--os-compute-api-version\' flag to show help
message for proper version]
keypair-show Show details about the given keypair.
(Supported by API versions \'2.0\' - \'2.latest\')
[hint: use \'--os-compute-api-version\' flag to
show help message for proper version]

查看密钥列表

查看密钥详情

创建密钥

[root@controller ~]# nova keypair-add hqs --key-type ssh
-----BEGIN RSA PRIVATE KEY-----
MIIEpwIBAAKCAQEAw3YnZk1ej5j3+CjpWalgmVWxrdAVZGfpC3Qklz+0RW7p4nTn
VlkGL7mWEgx7fmRaBzZuwUuSuvFB79zWhGZqh7Dt0Zeibyy48u3AtZtDY1ZVkvss
Vq7zOdUgg+2C8Em7KTAXsuf1I7KPxgJHX7j9pluN8zBQKiYYi4K+RPCVtisw3ev0
Ey5vi7e1IuUawXpjWnGe+/yzCZWgL8X2uhyYH0cJUmO3PbFuX0aoZr/JsLbMfkeL
0hCDkpKgkx8L/VD6C8FW+Z3mfJGxJtGwakb+BGyOYZ3j/Sv7bh03QKPgViqJ9CGa
WL5/y8dYmFLYM45Gb60FLWPSHWLmH9SFnmV7UwIDAQABAoIBABkiGUDbU/xs8/2x
7Qd9cxFkZntuFUIa5ml1nrrgEyMWdvaKh7Cfs97xIy3g8wQ2jSj+Q9GRESX+nbbl
E6RksvANvRbFQ7q96m46ShxQAaNFV62VpIbk6huWnx63rK2PHYTXTUTQ9MGJVVll
s53IYL1CaodJwBUbXu6ZejPNJ8MLoyom7cH89uaP5K8Ej7pHObaxMBCkSylU0vcG
qJp0Gu1NbnQ823EYm5QeEqUfG8xLyXKOvAq3scZHg5hqdD6SDVOYm3uQM8TF8zkY
SSTYrwktj7g7vP6ZQ0zY3k/s/zxMbTIurwwNm8L93tPcgtJUMw+fPYu3OHr9nhBt
aeFJ6AkCggCBANoJLHA6j5Jgj0uLy+ur8BmU8qSCJ7Nmx3JZFj2ELoZcLzjniHqH
14QHqnBgFxaUAvmpy8wCMnIKrk83FdEkgk2vwSlsr1uEiz+MNHKqapWwiezR87HB
5XsgtHpOsBlTpzQlOL7TJX7kCtZYgyGbQJvLMeek+cqy2YsNp28AgFulAoIAgQDl
fr5dBmEMBtTVaAjZFlyhJIXpf93QeC9KTtCLJ0QXAVPpCLlnulC8W4JfuZDTFqOr
gnx1y84DfyoZ4/K6zPNfqguRRzE2sxMNDLNZeyZiA10uZwEh+AJtCf54FU2xZtVP
1eZ7I4QMR2jaDSj5nWgF90DYHoWLxOEeIVnTnFoplwKCAIANyxrGls3SYs1t6BAk
fqIX3DZldd5xGQVxFHW1upD+6wIJxYv6xHE75wg/R7TuNrrhdH5yD4mFcWuJk2CL
9JVRuNatejS1w3LTuFjxEBriEWMIWlfiXPPZkD4aprO5RnODdv9aAx2SI3cUDFFv
ZNT3hilIEEXFLv9YLqry+MMmCQKCAIBpG+OUN5e7KmXQWBW1V8iVBWVPzICLOoBu
SCq7kQBeiP0lfhlsqKjRnBfaP+NUysmrg9f9G5r/fv6JXR2O8M+GwRsLLtAbfWj8
URTTptOtkFzdI9Ag/rYdurYRybAL0E1ig1VMkLep6Ard06kwqic6lEPeuBvyJ/nz
EtNRWArzgQKCAIAQDXQbP+20nzHoWqy1sFYIpOYrC+pZGX3tZb8DfAKrhrL+FkGe
PSe6bNwgWVDEUwTyvoPUexvAVi7nZ1sqMw/Ar+KxCXcti+dzZZZa3typLQMceOr2
wFfpNMT/Kq2DTrgkXN+jpFczv/R0kNn5bOB/DIm8JUeN44k97lMzIrD7TA==
-----END RSA PRIVATE KEY-----

删除密钥

6、配额管理

# 待补全 [root@controller ~]# openstack quota show admin +----------------------+----------------------------------+ | Field | Value | +----------------------+----------------------------------+ | backup_gigabytes | 1000 | | backups | 10 | | cores | 20 | | firewall | 10 | | firewall_policy | 10 | | firewall_rule | 100 | | fixed-ips | -1 | | floating-ips | 50 | | gigabytes | 1000 | | health_monitor | -1 | | injected-file-size | 10240 | | injected-files | 5 | | injected-path-size | 255 | | instances | 10 | | key-pairs | 100 | | member | -1 | | network | 10 | | per_volume_gigabytes | -1 | | pool | 10 | | port | 50 | | project | 386dbfcf77e444c7872e4e23d5829fcc | | properties | 128 | | ram | 51200 | | rbac_policy | 10 | | router | 10 | | secgroup-rules | 100 | | secgroups | 10 | | server_group_members | 10 | | server_groups | 10 | | snapshots | 10 | | subnet | 10 | | subnetpool | -1 | | vip | 10 | | volumes | 10 | +----------------------+----------------------------------+

回到顶部

六、网络neutron

网络管理

查看网络列表信息

查看网络详细信息

创建网络

[ro

packstack部署openstacky要多久

参考技术A 看掌握程度部署方式主要有手动部署和自动化部署。
没啥好办法，按照官方文档，一步一步进行安装，对于初学者来说，有助于加深理解。个人建议，先学习各个组件，大致理解每个组件的原理和用途，再进行安装尝试。
自动化部署：自动化部署方式有很多，这里只列举比较常用的几个。Kolla：容器化部署方式，所有的服务和组件都打包成了docker镜像，部署简单。
个人喜欢这种方式，因此排在第一位。DevStack.一键脚本安装，快速搭建openstack开发环境。RDO.红帽开源的openstack部署工具，只支持redhat及centos系列的系统。Fuel.OpenStack的开源部署和管理工具。功能强大，掌握起来有一定难度。

以上是关于OpenStack部署的主要内容，如果未能解决你的问题，请参考以下文章

packstack部署openstacky要多久

Openstack云计算：openstack rocky部署三：nova 部署与验证（控制节）

OpenStack--T版部署（内容较多，需要细品(❁´◡`❁)）！

Openstack云计算 Openstack Rocky部署三： glance 部署与验证

OpenStack部署（持续更新）！